Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2014-7249
Deferred
More InfoOfficial Page
Source-vultures@jpcert.or.jp
View Known Exploited Vulnerability (KEV) details
Published At-19 Dec, 2014 | 11:59
Updated At-12 Apr, 2025 | 10:46

Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, CentreCOM AR450S, CentreCOM AR550S, CentreCOM AR570S, CentreCOM 8700SL, CentreCOM 8948XL, CentreCOM 9924SP, CentreCOM 9924T/4SP, Rapier 48i, and SwitchBlade4000 with firmware before 2.9.1-21 allows remote attackers to execute arbitrary code via a crafted HTTP POST request.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
alliedtelesis
alliedtelesis
>>centrecom_ar415s_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:centrecom_ar415s_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>centrecom_ar415s>>*
cpe:2.3:h:alliedtelesis:centrecom_ar415s:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-8624t\/2m_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:at-8624t\/2m_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-8624t\/2m>>*
cpe:2.3:h:alliedtelesis:at-8624t\/2m:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>ar442s_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:ar442s_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>ar442s>>-
cpe:2.3:h:alliedtelesis:ar442s:-:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-9924t_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:at-9924t_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-9924t>>*
cpe:2.3:h:alliedtelesis:at-9924t:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-8848_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:at-8848_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-8848>>*
cpe:2.3:h:alliedtelesis:at-8848:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>rapier_48i_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:rapier_48i_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>rapier_48i>>*
cpe:2.3:h:alliedtelesis:rapier_48i:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>centrecom_ar450s_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:centrecom_ar450s_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>centrecom_ar450s>>*
cpe:2.3:h:alliedtelesis:centrecom_ar450s:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>ar745_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:ar745_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>ar745>>-
cpe:2.3:h:alliedtelesis:ar745:-:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>ar441s_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:ar441s_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>ar441s>>-
cpe:2.3:h:alliedtelesis:ar441s:-:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>centrecom_9924sp_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:centrecom_9924sp_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>centrecom_9924sp>>*
cpe:2.3:h:alliedtelesis:centrecom_9924sp:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>switchblade4000_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:switchblade4000_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>switchblade4000>>*
cpe:2.3:h:alliedtelesis:switchblade4000:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-8624poe_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:at-8624poe_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-8624poe>>*
cpe:2.3:h:alliedtelesis:at-8624poe:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>centrecom_9924t\/4sp_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:centrecom_9924t\/4sp_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>centrecom_9924t\/4sp>>*
cpe:2.3:h:alliedtelesis:centrecom_9924t\/4sp:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-9816gb_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:at-9816gb_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-9816gb>>*
cpe:2.3:h:alliedtelesis:at-9816gb:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-9924ts_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:at-9924ts_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-9924ts>>*
cpe:2.3:h:alliedtelesis:at-9924ts:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>ar750s_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:ar750s_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>ar750s>>-
cpe:2.3:h:alliedtelesis:ar750s:-:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>centrecom_ar570s_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:centrecom_ar570s_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>centrecom_ar570s>>*
cpe:2.3:h:alliedtelesis:centrecom_ar570s:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>centrecom_8948xl_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:centrecom_8948xl_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>centrecom_8948xl>>*
cpe:2.3:h:alliedtelesis:centrecom_8948xl:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-8648t\/2sp_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:at-8648t\/2sp_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-8648t\/2sp>>*
cpe:2.3:h:alliedtelesis:at-8648t\/2sp:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>centrecom_8700sl_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:centrecom_8700sl_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>centrecom_ar8700sl>>*
cpe:2.3:h:alliedtelesis:centrecom_ar8700sl:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>ar750s-dp_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:ar750s-dp_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>ar750s-dp>>-
cpe:2.3:h:alliedtelesis:ar750s-dp:-:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>centrecom_ar550s_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:centrecom_ar550s_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>centrecom_ar550s>>*
cpe:2.3:h:alliedtelesis:centrecom_ar550s:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-8748xl_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:at-8748xl_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>at-8748xl>>*
cpe:2.3:h:alliedtelesis:at-8748xl:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>ar440s_firmware>>Versions up to 2.9.1-20(inclusive)
cpe:2.3:o:alliedtelesis:ar440s_firmware:*:*:*:*:*:*:*:*
alliedtelesis
alliedtelesis
>>ar440s>>-
cpe:2.3:h:alliedtelesis:ar440s:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://jvn.jp/en/jp/JVN22440986/index.htmlvultures@jpcert.or.jp
Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000132vultures@jpcert.or.jp
Vendor Advisory
http://www.allied-telesis.co.jp/support/list/faq/vuls/20141111aen.htmlvultures@jpcert.or.jp
Vendor Advisory
http://jvn.jp/en/jp/JVN22440986/index.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000132af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.allied-telesis.co.jp/support/list/faq/vuls/20141111aen.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Change History
0Changes found
Details not found